7/23/2019 Lab Guide- Ccnsp

1/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

1

Lab Guide CCNSP

Intended Audience Who should read this guide?

The Lab Guide is documentation for trainers/admin to help them setup training lab for an upcomingCCNSP training. Cyberoam Global Training Team highly recommends that CCNSP lab should be asper this document so as to facilitate participants with all labs shown in the handbook.

Equipment required for training

Cyberoam appliance model minimum CR25iNG or above running on latest CyberoamOS (Refercsc.cyberoam.com for the latest version) for the trainer. Please note: 25iNG or above applianceis required so that the trainer can demonstrate logging & reporting module.

CR 25iNG and above appliance for each participant (in case of hardware)/ Any model of virtualUTM.

LCD/LED Projector.

Laptop / Desktop for each participant.

All laptop / desktop must have access to Internet via Cyberoam.

Switch to connect Laptop / Desktop / CR.

Enough UTP cables for connectivity.

Internet connectivity with at least two links or can be simulated by connecting two appliances.

Click on the link below that matches your training lab scenario

Training based on Hardware Appliances

o One appliance per participant

o Shared appliance between participants

Training based on Virtual Appliances

7/23/2019 Lab Guide- Ccnsp

2/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

2

Case: Hardware Appliances (Without Sharing)

Lab Setup Diagram

Lab Configurations

With reference to the network diagram, the IP schema of the lab will be as follow:

The Gateway Device will provide Internet connectivity to the participant appliances and will act as aFirewall.

Gateway LAN IP: 192.168.0.1 Subnet Mask: 255.255.0.0

Student IP Schema:

X= Student Number.WAN IP: 192.168.x.1 Subnet Mask: 255.255.0.0

LAN IP: 172.16.x.1 Subnet Mask: 255.255.255.0

DMZ IP: 10.10.x.1 Subnet Mask: 255.255.255.0

7/23/2019 Lab Guide- Ccnsp

3/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

3

Case: Hardware Appliances (Sharing)

Lab Setup Diagram

Lab Configurations

With reference to the network diagram, the IP schema of the lab will be as follow:

The Gateway Device will provide Internet connectivity to the participant appliances and will act as aFirewall.

Gateway LAN IP: 192.168.0.1 Subnet Mask: 255.255.0.0

Student IP Schema:

X= Student Number 1, Y=Student Number 2 (Assume X & Y are sharing same appliance)For Student X:

WAN IP: 192.168.x.1 Subnet Mask: 255.255.0.0

LAN IP: 172.16.x.1 Subnet Mask: 255.255.255.0

DMZ IP: 10.10.x.1 Subnet Mask: 255.255.255.0

Student Y:

WAN IP: 192.168.x.1 Subnet Mask: 255.255.0.0

LAN IP: 172.16.y.1 Subnet Mask: 255.255.255.0

DMZ IP: 10.10.x.1 Subnet Mask: 255.255.255.0

Please note: Labs like Deployment modes, factory reset, firmware restore, upgrade, etc. will be groupactivity per each appliance.

Trainer will have to guide participants on how to create multiple LAN zones on the shared appliance.

7/23/2019 Lab Guide- Ccnsp

4/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

4

Case: Virtual Appliances

Trainer may have Physical/Virtual Appliance with the same configuration as shown below, but theparticipant appliances will be virtual.

Lab Setup Diagram

Pre-requisites

In the Virutal Machine Properties, keep the participant appliance WAN Port bridged with the physicalNIC. Also, Replicate Physical Network connection state option should be checked. This way theparticipant appliance will get the WAN IP address which is leased from the upstream trainer appliance.

7/23/2019 Lab Guide- Ccnsp

5/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

5

It is observed that the above setup works well with Physical NICs and hence Cyberoam GlobalTraining Team recommends using the participants physical NICconnection in place of Wireless NIC.

Minimum Hardware requirement to run VMware player/Workstation should be met along with thefollowing. Please note: VMware workstation/Player must be installed on the participants machine priorto the training.

One vCPU

1 GB vRAM

3 vNIC

1 Serial Port 1 USB Port

Atleast 5 GB of free disk space

DHCP server scopes should be turned off on all the appliances, i.e. on the trainer appliance LAN portshould be in the IP schema as defined by the diagram. Participant appliances should be assignedStatic IP on WAN port. Similarly, participant appliances LAN port should not be a DHCP server.

How to get Virtual Appliances

To procure virtual appliances for your upcoming training, a trainer is required to email the CyberoamGlobal Training Team a minimum of 2 weeks prior to the training date. It is also the responsibility of

trainer to ensure that the minimum hardware requirements for running virtual appliances is met with.

Lab Configurations

With reference to the network diagram, the IP schema of the lab will be as follow:

The Gateway Device will provide Internet connectivity to the participant appliances and will act as aFirewall.

Gateway LAN IP: 192.168.0.1 Subnet Mask: 255.255.0.0

7/23/2019 Lab Guide- Ccnsp

6/6

ab Guide - CCNSP Cyberoam Certified Network & Security Cou

6

Student IP Schema:

X= Student Number.

WAN IP: 192.168.x.1 Subnet Mask: 255.255.0.0

LAN IP: 172.16.x.1 Subnet Mask: 255.255.255.0

DMZ IP: 10.10.x.1 Subnet Mask: 255.255.255.0